💼 [EC2.3] Attached Amazon EBS volumes should be encrypted at-rest
- ID:
/frameworks/aws-fsbp-v1.0.0/ec2/03
Description
For an added layer of security of your sensitive data in EBS volumes, you should enable EBS encryption at rest. Amazon EBS encryption offers a straightforward encryption solution for your EBS resources that doesn't require you to build, maintain, and secure your own key management infrastructure. It uses KMS keys when creating encrypted volumes and snapshots.
Similar
- AWS Security Hub
- Internal
- ID:
dec-c-912f2464
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks | 54 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-3(6) Configuration Change Control _ Cryptography Management | 17 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(10) Boundary Protection _ Prevent Exfiltration | 18 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-13 Cryptographic Protection | 4 | 32 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-28 Protection of Information at Rest | 3 | 17 | 37 | no data | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-28(1) Protection of Information at Rest _ Cryptographic Protection | 10 | 25 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-7(6) Software, Firmware, and Information Integrity _ Cryptographic Protection | 27 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (3)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS EBS Attached Volume is not encrypted🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EBS Attached Volume is not encrypted with KMS CMK🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EBS Snapshot is not encrypted🟢 | 1 | 🟢 x6 | no data |